https://issues.apache.org/jira/browse/AMQ-3308 - Minor code improvements in the JAAS module. Patch applied with thanks.

git-svn-id: https://svn.apache.org/repos/asf/activemq/trunk@1101099 13f79535-47bb-0310-9956-ffa450edef68
Gary Tully 2011-05-09 16:33:59 +00:00
parent 0619a8757e
commit 1667d80041
9 changed files with 53 additions and 25 deletions


@ -52,13 +52,14 @@ public abstract class CertificateLoginModule implements LoginModule {
private X509Certificate certificates[];
private String username;
private Set groups;
private Set<String> groups;
private Set<Principal> principals = new HashSet<Principal>();
private boolean debug;
/**
* Overriding to allow for proper initialization. Standard JAAS.
*/
@Override
public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
this.subject = subject;
this.callbackHandler = callbackHandler;
@ -73,6 +74,7 @@ public abstract class CertificateLoginModule implements LoginModule {
/**
* Overriding to allow for certificate-based login. Standard JAAS.
*/
@Override
public boolean login() throws LoginException {
Callback[] callbacks = new Callback[1];
@ -102,13 +104,12 @@ public abstract class CertificateLoginModule implements LoginModule {
/**
* Overriding to complete login process. Standard JAAS.
*/
@Override
public boolean commit() throws LoginException {
principals.add(new UserPrincipal(username));
String currentGroup = null;
for (Iterator iter = groups.iterator(); iter.hasNext();) {
currentGroup = (String)iter.next();
principals.add(new GroupPrincipal(currentGroup));
for (String group : groups) {
principals.add(new GroupPrincipal(group));
}
subject.getPrincipals().addAll(principals);
@ -124,6 +125,7 @@ public abstract class CertificateLoginModule implements LoginModule {
/**
* Standard JAAS override.
*/
@Override
public boolean abort() throws LoginException {
clear();
@ -136,6 +138,7 @@ public abstract class CertificateLoginModule implements LoginModule {
/**
* Standard JAAS override.
*/
@Override
public boolean logout() {
subject.getPrincipals().removeAll(principals);
principals.clear();
@ -172,7 +175,7 @@ public abstract class CertificateLoginModule implements LoginModule {
* getUserNameForDn returned for the user's DN.
* @return A Set of the names of the groups this user belongs to.
*/
protected abstract Set getUserGroups(final String username) throws LoginException;
protected abstract Set<String> getUserGroups(final String username) throws LoginException;
protected String getDistinguishedName(final X509Certificate[] certs) {
if (certs != null && certs.length > 0 && certs[0] != null) {
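Review bot: `commit()` adds principals unconditionally: it builds `new UserPrincipal(username)` and iterates `groups` without checking that this module's own `login()` succeeded, whereas `GuestLoginModule.commit()` and `PropertiesLoginModule.commit()` in this same commit are gated on `loginSucceeded`. If JAAS calls `commit()` after this module's login failed or was never completed, `groups` is presumably still null and the new for-each throws a NullPointerException, or a principal with a null name is attached to the subject. A guard at the top such as `if (username == null || groups == null) { return false; }` makes the module fail closed. `LDAPLoginModule.commit()` has the same unguarded shape. The bodies of `login()` and `clear()` are outside the hunks, so confirm what state they leave behind on failure.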


@ -33,10 +33,12 @@ public class GroupPrincipal implements Principal {
this.name = name;
}
@Override
public String getName() {
return name;
}
@Override
public boolean equals(Object o) {
if (this == o) {
return true;
@ -54,6 +56,7 @@ public class GroupPrincipal implements Principal {
return true;
}
@Override
public int hashCode() {
if (hash == 0) {
hash = name.hashCode();
@ -61,6 +64,7 @@ public class GroupPrincipal implements Principal {
return hash;
}
@Override
public String toString() {
return name;
}


@ -56,7 +56,7 @@ public class GuestLoginModule implements LoginModule {
private CallbackHandler callbackHandler;
private boolean loginSucceeded;
@Override
public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
this.subject = subject;
this.callbackHandler = callbackHandler;
@ -77,6 +77,7 @@ public class GuestLoginModule implements LoginModule {
}
@Override
public boolean login() throws LoginException {
loginSucceeded = true;
if (credentialsInvalidate) {
@ -100,6 +101,7 @@ public class GuestLoginModule implements LoginModule {
return loginSucceeded;
}
@Override
public boolean commit() throws LoginException {
if (loginSucceeded) {
subject.getPrincipals().addAll(principals);
@ -111,6 +113,7 @@ public class GuestLoginModule implements LoginModule {
return loginSucceeded;
}
@Override
public boolean abort() throws LoginException {
if (debug) {
@ -119,6 +122,7 @@ public class GuestLoginModule implements LoginModule {
return true;
}
@Override
public boolean logout() throws LoginException {
subject.getPrincipals().removeAll(principals);


@ -50,6 +50,7 @@ public class JaasCertificateCallbackHandler implements CallbackHandler {
* @throws UnsupportedCallbackException Thrown if an unkown Callback type is
* encountered.
*/
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
Callback callback = callbacks[i];


@ -37,6 +37,7 @@ public class JassCredentialCallbackHandler implements CallbackHandler {
this.password = password;
}
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
Callback callback = callbacks[i];


@ -22,7 +22,7 @@ import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
@ -82,6 +82,7 @@ public class LDAPLoginModule implements LoginModule {
private String username;
private Set<GroupPrincipal> groups = new HashSet<GroupPrincipal>();
@Override
public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
this.subject = subject;
this.handler = callbackHandler;
@ -104,6 +105,7 @@ public class LDAPLoginModule implements LoginModule {
};
}
@Override
public boolean login() throws LoginException {
Callback[] callbacks = new Callback[2];
@ -141,21 +143,23 @@ public class LDAPLoginModule implements LoginModule {
}
}
@Override
public boolean logout() throws LoginException {
username = null;
return true;
}
@Override
public boolean commit() throws LoginException {
Set<Principal> principals = subject.getPrincipals();
principals.add(new UserPrincipal(username));
Iterator<GroupPrincipal> iter = groups.iterator();
while (iter.hasNext()) {
principals.add(iter.next());
for (GroupPrincipal gp : groups) {
principals.add(gp);
}
return true;
}
@Override
public boolean abort() throws LoginException {
username = null;
return true;
@ -196,7 +200,7 @@ public class LDAPLoginModule implements LoginModule {
}
// setup attributes
ArrayList<String> list = new ArrayList<String>();
List<String> list = new ArrayList<String>();
if (isLoginPropertySet(USER_ROLE_NAME)) {
list.add(getLDAPPropertyValue(USER_ROLE_NAME));
}
@ -204,13 +208,13 @@ public class LDAPLoginModule implements LoginModule {
list.toArray(attribs);
constraints.setReturningAttributes(attribs);
NamingEnumeration results = context.search(getLDAPPropertyValue(USER_BASE), filter, constraints);
NamingEnumeration<SearchResult> results = context.search(getLDAPPropertyValue(USER_BASE), filter, constraints);
if (results == null || !results.hasMore()) {
return false;
}
SearchResult result = (SearchResult)results.next();
SearchResult result = results.next();
if (results.hasMore()) {
// ignore for now
@ -227,7 +231,7 @@ public class LDAPLoginModule implements LoginModule {
if (attrs == null) {
return false;
}
ArrayList<String> roles = null;
List<String> roles = null;
if (isLoginPropertySet(USER_ROLE_NAME)) {
roles = addAttributeValues(getLDAPPropertyValue(USER_ROLE_NAME), attrs, roles);
}
@ -254,8 +258,8 @@ public class LDAPLoginModule implements LoginModule {
return true;
}
protected ArrayList<String> getRoles(DirContext context, String dn, String username, ArrayList<String> currentRoles) throws NamingException {
ArrayList<String> list = currentRoles;
protected List<String> getRoles(DirContext context, String dn, String username, List<String> currentRoles) throws NamingException {
List<String> list = currentRoles;
MessageFormat roleSearchMatchingFormat;
boolean roleSearchSubtreeBool;
roleSearchMatchingFormat = new MessageFormat(getLDAPPropertyValue(ROLE_SEARCH_MATCHING));
@ -277,9 +281,9 @@ public class LDAPLoginModule implements LoginModule {
} else {
constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE);
}
NamingEnumeration results = context.search(getLDAPPropertyValue(ROLE_BASE), filter, constraints);
NamingEnumeration<SearchResult> results = context.search(getLDAPPropertyValue(ROLE_BASE), filter, constraints);
while (results.hasMore()) {
SearchResult result = (SearchResult)results.next();
SearchResult result = results.next();
Attributes attrs = result.getAttributes();
if (attrs == null) {
continue;
@ -346,7 +350,7 @@ public class LDAPLoginModule implements LoginModule {
return isValid;
}
private ArrayList<String> addAttributeValues(String attrId, Attributes attrs, ArrayList<String> values) throws NamingException {
private List<String> addAttributeValues(String attrId, Attributes attrs, List<String> values) throws NamingException {
if (attrId == null || attrs == null) {
return values;
@ -358,7 +362,7 @@ public class LDAPLoginModule implements LoginModule {
if (attr == null) {
return values;
}
NamingEnumeration e = attr.getAll();
NamingEnumeration<?> e = attr.getAll();
while (e.hasMore()) {
String value = (String)e.next();
values.add(value);
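Review bot: `logout()` only nulls `username`, while `commit()` writes the `UserPrincipal` and every `GroupPrincipal` straight into `subject.getPrincipals()`, so the subject keeps its user and group principals after logout. `CertificateLoginModule` and `PropertiesLoginModule` in this commit track what they added in a `principals` set and call `removeAll(principals)` on logout; this module should do the same, which needs a `Set<Principal> principals` field declared outside this hunk. `abort()` likewise leaves `groups` populated, so a later login on the same instance could presumably inherit stale groups unless they are reset elsewhere.

```java
@Override
public boolean logout() throws LoginException {
    // Undo exactly what commit() attached to the shared Subject.
    subject.getPrincipals().removeAll(principals);
    principals.clear();
    groups.clear();
    username = null;
    return true;
}

@Override
public boolean commit() throws LoginException {
    principals.add(new UserPrincipal(username));
    principals.addAll(groups);
    subject.getPrincipals().addAll(principals);
    return true;
}
// … unchanged: abort() …
```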


@ -61,7 +61,7 @@ public class PropertiesLoginModule implements LoginModule {
private File baseDir;
private boolean loginSucceeded;
@Override
public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
this.subject = subject;
this.callbackHandler = callbackHandler;
@ -124,6 +124,7 @@ public class PropertiesLoginModule implements LoginModule {
}
}
@Override
public boolean login() throws LoginException {
Callback[] callbacks = new Callback[2];
@ -160,12 +161,13 @@ public class PropertiesLoginModule implements LoginModule {
return loginSucceeded;
}
@Override
public boolean commit() throws LoginException {
boolean result = loginSucceeded;
if (result) {
principals.add(new UserPrincipal(user));
for (Enumeration enumeration = groups.keys(); enumeration.hasMoreElements();) {
for (Enumeration<?> enumeration = groups.keys(); enumeration.hasMoreElements();) {
String name = (String)enumeration.nextElement();
String[] userList = ((String)groups.getProperty(name) + "").split(",");
for (int i = 0; i < userList.length; i++) {
@ -188,6 +190,7 @@ public class PropertiesLoginModule implements LoginModule {
return result;
}
@Override
public boolean abort() throws LoginException {
clear();
@ -197,6 +200,7 @@ public class PropertiesLoginModule implements LoginModule {
return true;
}
@Override
public boolean logout() throws LoginException {
subject.getPrincipals().removeAll(principals);
principals.clear();
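Review bot: In `commit()`, `((String)groups.getProperty(name) + "")` turns a missing or non-String value into the literal text `null`, so that group's member list becomes the single entry `null` instead of being empty; the same idiom appears in `TextFileCertificateLoginModule.getUserGroups()`. Since this loop decides which group principals a user receives, prefer an explicit check, e.g. `String members = groups.getProperty(name); if (members == null) { continue; }`. Iterating `groups.stringPropertyNames()` would also remove the unchecked `(String)` cast on the key that `Enumeration<?>` still requires. The inner loop that compares entries with the user is cut off by the hunk, so whether names are trimmed before comparison cannot be seen here.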


@ -55,6 +55,7 @@ public class TextFileCertificateLoginModule extends CertificateLoginModule {
/**
* Performs initialization of file paths. A standard JAAS override.
*/
@Override
public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
super.initialize(subject, callbackHandler, sharedState, options);
if (System.getProperty("java.security.auth.login.config") != null) {
@ -77,6 +78,7 @@ public class TextFileCertificateLoginModule extends CertificateLoginModule {
* @throws LoginException Thrown if unable to find user file or connection
* certificate.
*/
@Override
protected String getUserNameForCertificates(final X509Certificate[] certs) throws LoginException {
if (certs == null) {
throw new LoginException("Client certificates not found. Cannot authenticate.");
@ -97,7 +99,7 @@ public class TextFileCertificateLoginModule extends CertificateLoginModule {
String dn = getDistinguishedName(certs);
Enumeration<Object> keys = users.keys();
for (Enumeration vals = users.elements(); vals.hasMoreElements();) {
for (Enumeration<Object> vals = users.elements(); vals.hasMoreElements();) {
if (((String)vals.nextElement()).equals(dn)) {
return (String)keys.nextElement();
} else {
@ -116,6 +118,7 @@ public class TextFileCertificateLoginModule extends CertificateLoginModule {
* @return A Set of name Strings for groups this user belongs to.
* @throws LoginException Thrown if unable to find group definition file.
*/
@Override
protected Set<String> getUserGroups(String username) throws LoginException {
File groupsFile = new File(baseDir, groupsFilePathname);
@ -128,7 +131,7 @@ public class TextFileCertificateLoginModule extends CertificateLoginModule {
throw new LoginException("Unable to load group properties file " + groupsFile);
}
Set<String> userGroups = new HashSet<String>();
for (Enumeration enumeration = groups.keys(); enumeration.hasMoreElements();) {
for (Enumeration<Object> enumeration = groups.keys(); enumeration.hasMoreElements();) {
String groupName = (String)enumeration.nextElement();
String[] userList = (groups.getProperty(groupName) + "").split(",");
for (int i = 0; i < userList.length; i++) {
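Review bot: `getUserNameForCertificates()` maps a certificate DN to a user name by advancing `users.keys()` and `users.elements()` in lock-step, which is only correct while both enumerations visit the table in the same order and the `else` branch (outside the hunk) advances `keys` on every miss. Because this lookup decides which identity a client certificate authenticates as, iterate the entries directly so key and value cannot drift apart: `for (Map.Entry<Object, Object> e : users.entrySet())` with `if (e.getValue().equals(dn)) { return (String) e.getKey(); }`. The typed `Enumeration<Object>` added here still needs the `(String)` cast on every element, so it does not by itself make the lookup any safer.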


@ -33,10 +33,12 @@ public class UserPrincipal implements Principal {
this.name = name;
}
@Override
public String getName() {
return name;
}
@Override
public boolean equals(Object o) {
if (this == o) {
return true;
@ -54,6 +56,7 @@ public class UserPrincipal implements Principal {
return true;
}
@Override
public int hashCode() {
if (hash == 0) {
hash = name.hashCode();
@ -61,6 +64,7 @@ public class UserPrincipal implements Principal {
return hash;
}
@Override
public String toString() {
return name;
}